AT&T的汇编格式
- 在intel格式中大多使用大写字母,而AT&T格式中使用小写字母。
- 在 AT&T 汇编格式中,寄存器名要加上 '%' 作为前缀;而在 Intel 汇编格式中,寄存器名不需要加前缀。例如:
AT&T 格式 |
Intel 格式 |
pushl %eax |
push eax |
- 在 AT&T 汇编格式中,用 '$' 前缀表示一个立即操作数;而在 Intel 汇编格式中,立即数的表示不用带任何前缀。例如:
AT&T 格式 |
Intel 格式 |
pushl $1 |
push 1 |
- AT&T 和 Intel 格式中的源操作数和目标操作数的位置正好相反。在 Intel 汇编格式中,目标操作数在源操作数的左边;而在 AT&T 汇编格式中,目标操作数在源操作数的右边。例如:
AT&T 格式 |
Intel 格式 |
addl $1, %eax |
add eax, 1 |
- 在 AT&T 汇编格式中,操作数的字长由操作符的最后一个字母决定,后缀'b'、'w'、'l'分别表示操作数为字节(byte,8 比特)、字(word,16 比特)和长字(long,32比特);而在 Intel 汇编格式中,操作数的字长是用 "byte ptr"、"word ptr" 和 "dword ptr" 等前缀来表示的。例如:
AT&T 格式 |
Intel 格式 |
movb val, %al |
mov al, byte ptr val |
- 在 AT&T 汇编格式中,绝对转移和调用指令(jmp/call)的操作数前要加上'*'作为前缀(读者大概会联想到C语言中的指针吧),而在 Intel 格式中则不需要。
- 远程转移指令和远程子调用指令的操作码,在 AT&T 汇编格式中为 "ljmp" 和 "lcall",而在 Intel 汇编格式中则为 "jmp far" 和 "call far",即:
AT&T 格式 |
Intel 格式 |
ljmp $section, $offset |
jmp far section:offset |
lcall $section, $offset |
call far section:offset |
- 与之相应的远程返回指令则为:
AT&T 格式 |
Intel 格式 |
lret $stack_adjust |
ret far stack_adjust |
- 在 AT&T 汇编格式中,内存操作数的寻址方式是
section:disp(base, index, scale) |
- 而在 Intel 汇编格式中,内存操作数的寻址方式为:
section:[base + index*scale + disp] |
- 由于 Linux 工作在保护模式下,用的是 32 位线性地址,所以在计算地址时不用考虑段基址和偏移量,而是采用如下的地址计算方法:
disp + base + index * scale |
- 下面是一些内存操作数的例子:
AT&T 格式 |
Intel 格式 |
movl -4(%ebp), %eax |
mov eax, [ebp - 4] |
movl array(, %eax, 4), %eax |
mov eax, [eax*4 + array] |
movw array(%ebx, %eax, 4), %cx |
mov cx, [ebx + 4*eax + array] |
movb $4, %fs:(%eax) |
mov fs:eax, 4 |
GCC 内联汇编
用汇编编写的程序虽然运行速度快,但开发速度非常慢,效率也很低。如果只是想对关键代码段进行优化,或许更好的办法是将汇编指令嵌入到 C 语言程序中,从而充分利用高级语言和汇编语言各自的特点。但一般来讲,在 C 代码中嵌入汇编语句要比"纯粹"的汇编语言代码复杂得多,因为需要解决如何分配寄存器,以及如何与C代码中的变量相结合等问题。
GCC 提供了很好的内联汇编支持,最基本的格式是:
__asm__("asm statements"); 或asm("asm statements"); |
注:实际的内联汇编语句多为__asm__ __volatile__("asm statements"),__volatile__关键字的意思是不允许优化,使编译器严格按照你的汇编代码汇编。
例如:
__asm__("nop"); |
如果需要同时执行多条汇编语句,则应该用"//n//t"将各个语句分隔开,例如:
__asm__( "pushl %%eax //n//t" "movl $0, %%eax //n//t" "popl %eax"); |
实际上gcc在处理汇编时,是要把asm(...)的内容"打印"到汇编文件中,所以格式控制字符是必要的.
通常嵌入到 C 代码中的汇编语句很难做到与其它部分没有任何关系,因此更多时候需要用到完整的内联汇编格式:
__asm__("asm statements" : outputs : inputs : registers-modified); |
插入到 C 代码中的汇编语句是以":"分隔的四个部分,其中第一部分就是汇编代码本身,通常称为指令部,其格式和在汇编语言中使用的格式基本相同。指令部分是必须的,而其它部分则可以根据实际情况而省略。
在将汇编语句嵌入到C代码中时,操作数如何与C代码中的变量相结合是个很大的问题。GCC采用如下方法来解决这个问题:程序员提供具体的指令,而对寄存器的使用则只需给出"样板"和约束条件就可以了,具体如何将寄存器与变量结合起来完全由GCC和GAS来负责。
在GCC内联汇编语句的指令部中,加上前缀''%''的数字(如%0,%1)表示的就是需要使用寄存器的"样板"操作数。指令部中使用了几个样板操作数,就表明有几个变量需要与寄存器相结合,这样GCC和GAS在编译和汇编时会根据后面给定的约束条件进行恰当的处理。由于样板操作数也使用'' %''作为前缀,因此在涉及到具体的寄存器时,寄存器名前面应该加上两个''%'',以免产生混淆。
紧跟在指令部后面的是输出部,是规定输出变量如何与样板操作数进行结合的条件,每个条件称为一个"约束",必要时可以包含多个约束,相互之间用逗号分隔开就可以了。每个输出约束都以''=''号开始,然后紧跟一个对操作数类型进行说明的字后,最后是如何与变量相结合的约束。凡是与输出部中说明的操作数相结合的寄存器或操作数本身,在执行完嵌入的汇编代码后均不保留执行之前的内容,这是GCC在调度寄存器时所使用的依据。
输出部后面是输入部,输入约束的格式和输出约束相似,但不带''=''号。如果一个输入约束要求使用寄存器,则GCC在预处理时就会为之分配一个寄存器,并插入必要的指令将操作数装入该寄存器。与输入部中说明的操作数结合的寄存器或操作数本身,在执行完嵌入的汇编代码后也不保留执行之前的内容。
有时在进行某些操作时,除了要用到进行数据输入和输出的寄存器外,还要使用多个寄存器来保存中间计算结果,这样就难免会破坏原有寄存器的内容。在GCC内联汇编格式中的最后一个部分中,可以对将产生副作用的寄存器进行说明,以便GCC能够采用相应的措施。
下面是一个内联汇编的简单例子:
例4.内联汇编
/* inline.c */ int main() { int a = 10, b = 0; __asm__ __volatile__( "movl %1, %%eax;//n//r" "movl %%eax, %0;" :"=r"(b) /* 输出 */ :"r"(a) /* 输入 */ :"%eax"); /* 不受影响的寄存器 */ printf("Result: %d, %d//n", a, b); } |
上面的程序完成将变量a的值赋予变量b,有几点需要说明:
- 变量b是输出操作数,通过%0来引用,而变量a是输入操作数,通过%1来引用。
- 输入操作数和输出操作数都使用r进行约束,表示将变量a和变量b存储在寄存器中。输入约束和输出约束的不同点在于输出约束多一个约束修饰符''=''。
- 在内联汇编语句中使用寄存器eax时,寄存器名前应该加两个''%'',即%%eax。内联汇编中使用%0、%1等来标识变量,任何只带一个''%''的标识符都看成是操作数,而不是寄存器。
- 内联汇编语句的最后一个部分告诉GCC它将改变寄存器eax中的值,GCC在处理时不应使用该寄存器来存储任何其它的值。
- 由于变量b被指定成输出操作数,当内联汇编语句执行完毕后,它所保存的值将被更新。
在内联汇编中用到的操作数从输出部的第一个约束开始编号,序号从0开始,每个约束记数一次,指令部要引用这些操作数时,只需在序号前加上''%''作为前缀就可以了。需要注意的是,内联汇编语句的指令部在引用一个操作数时总是将其作为32位的长字使用,但实际情况可能需要的是字或字节,因此应该在约束中指明正确的限定符:
限定符 |
意义 |
"m"、"v"、"o" |
不通过寄存器直接操作内存单元 |
"r" |
任何寄存器 |
"a"、"b"、"c"、"d" |
分别表示寄存器eax、ebx、ecx和edx |
"S"和"D" |
寄存器esi、edi |
"i"、"h" |
直接操作数 |
"E"和"F" |
浮点数 |
"g" |
任意 |
"I" |
常数(0至31) |
"0","1", … |
见匹配(数字)约束 |
"&" |
见&(下面) |
"A" |
将%edx:%eax作为64位integer,见A |
匹配(数字)约束
在某些情况下,一个变量既要充当输入操作数,也要充当输出操作数。可以通过使用匹配约束在 "asm" 中指定这种情况。
asm ("incl %0" :"=a"(var):"0"(var));
在匹配约束的示例中,寄存器 %eax 既用作输入变量,也用作输出变量。将 var 输入读取到 %eax,增加后将更新的 %eax 再次存储在 var 中。这里的 "0" 指定第 0 个输出变量相同的约束。即,它指定 var 的输出实例只应该存储在 %eax 中。该约束可以用于以下情况:
·输入从变量中读取,或者变量被修改后,修改写回到同一变量中
·不需要将输入操作数和输出操作数的实例分开
·使用匹配约束最重要的意义在于它们可以导致有效地使用可用寄存器。
&
输入 x 和输出 y 可能分配在同一个寄存器中,要确保输入和输出分配到不同的寄存器中,可以指定 & 约束修饰符。下面是添加了约束修饰符的示例。
int main(void)
{
int x = 10, y;
asm ("movl %1, %%eax;
"movl %%eax, %0;"
:"=&r"(y) /* y is output operand, note the & constraint modifier. */
:"r"(x) /* x is input operand */
:"%eax"); /* %eax is clobbered register */
}
以下是为该示例生成的汇编代码,从中可以明显地看出 x 和 y 存储在 "asm" 中不同的寄存器中。
main:
pushl %ebp
movl %esp,%ebp
subl $8,%esp
movl $10,-4(%ebp)
movl -4(%ebp),%ecx /* x, the input is in %ecx */
#APP
movl %ecx, %eax
movl %eax, %edx /* y, the output is in %edx */
#NO_APP
movl %edx,-8(%ebp)
特定寄存器约束的使用
现在让我们看一下如何将个别寄存器作为操作数的约束指定。在下面的示例中,cpuid 指令采用 %eax 寄存器中的输入,然后在四个寄存器中给出输出:%eax、%ebx、%ecx、%edx。对 cpuid 的输入(变量 "op")传递到 "asm" 的 eax 寄存器中,因为 cpuid 希望它这样做。在输出中使用 a、b、c 和 d 约束,分别收集四个寄存器中的值。
asm ("cpuid"
: "=a" (_eax),
"=b" (_ebx),
"=c" (_ecx),
"=d" (_edx)
: "a" (op));
在下面可以看到为它生成的汇编代码(假设 _eax、_ebx 等... 变量都存储在堆栈上):
movl -20(%ebp),%eax /* store 'op' in %eax -- input */
#APP
cpuid
#NO_APP
movl %eax,-4(%ebp) /* store %eax in _eax -- output */
movl %ebx,-8(%ebp) /* store other registers in
movl %ecx,-12(%ebp)
respective output variables */
movl %edx,-16(%ebp)
A
在下面可以看到另一个约束,它使用两个寄存器 %eax 和 %edx 将两个 32 位的值合并在一起,然后生成一个64 位的值(%edx:%eax):
#define rdtscll(val) /
__asm__ __volatile__ ("rdtsc" : "=A" (val))
The generated assembly looks like this (if val has a 64 bit memory space).
#APP
rdtsc
#NO_APP
movl %eax,-8(%ebp) /* As a result of A constraint
movl %edx,-4(%ebp)
%eax and %edx serve as outputs */
Note here that the values in %edx:%eax serve as 64 bit output.
Intel X86 汇编指令集
A
AAA - Ascii Adjust for Addition
Usage: AAA
Modifies flags: AF CF (OF,PF,SF,ZF undefined)
Changes contents of AL to valid unpacked decimal. The high order
nibble is zeroed.
Clocks Size
Operands 808x 286 386 486 Bytes
none 8 3 4 3 1
AAD - Ascii Adjust for Division
Usage: AAD
Modifies flags: SF ZF PF (AF,CF,OF undefined)
Used before dividing unpacked decimal numbers. Multiplies AH by
10 and the adds result into AL. Sets AH to zero. This instruction
is also known to have an undocumented behavior.
AL := 10*AH+AL
AH := 0
Clocks Size
Operands 808x 286 386 486 Bytes
none 60 14 19 14 2
AAM - Ascii Adjust for Multiplication
Usage: AAM
Modifies flags: PF SF ZF (AF,CF,OF undefined)
AH := AL / 10
AL := AL mod 10
Used after multiplication of two unpacked decimal numbers, this
instruction adjusts an unpacked decimal number. The high order
nibble of each byte must be zeroed before using this instruction.
This instruction is also known to have an undocumented behavior.
Clocks Size
Operands 808x 286 386 486 Bytes
none 83 16 17 15 2
AAS - Ascii Adjust for Subtraction
Usage: AAS
Modifies flags: AF CF (OF,PF,SF,ZF undefined)
Corrects result of a previous unpacked decimal subtraction in AL.
High order nibble is zeroed.
Clocks Size
Operands 808x 286 386 486 Bytes
none 8 3 4 3 1
Usage: ADC dest,src
Modifies flags: AF CF OF SF PF ZF
Sums two binary operands placing the result in the destination.
If CF is set, a 1 is added to the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=23+EA)
accum,immed 4 3 2 1 2-3
Usage: ADD dest,src
Modifies flags: AF CF OF PF SF ZF
Adds "src" to "dest" and replacing the original contents of "dest".
Both operands are binary.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=23+EA)
accum,immed 4 3 2 1 2-3
Usage: AND dest,src
Modifies flags: CF OF PF SF ZF (AF undefined)
Performs a logical AND of the two operands replacing the destination
with the result.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 1 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=23+EA)
accum,immed 4 3 2 1 2-3
ARPL - Adjusted Requested Privilege Level of Selector (286+ PM)
Usage: ARPL dest,src
(286+ protected mode)
Modifies flags: ZF
Compares the RPL bits of "dest" against "src". If the RPL bits
of "dest" are less than "src", the destination RPL bits are set
equal to the source RPL bits and the Zero Flag is set. Otherwise
the Zero Flag is cleared.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - 10 20 9 2
mem,reg - 11 21 9 4
B
BOUND - Array Index Bound Check (80188+)
Usage: BOUND src,limit
Modifies flags: None
Array index in source register is checked against upper and lower
bounds in memory source. The first word located at "limit" is
the lower boundary and the word at "limit+2" is the upper array bound.
Interrupt 5 occurs if the source value is less than or higher than
the source.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,mem32 - nj=13 nj=10 7 2
reg32,mem64 - nj=13 nj=10 7 2
- nj = no jump taken
Usage: BSF dest,src
Modifies flags: ZF
Scans source operand for first bit set. Sets ZF if a bit is found
set and loads the destination with an index to first set bit. Clears
ZF is no bits are found set. BSF scans forward across bit pattern
(0-n) while BSR scans in reverse (n-0).
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - 10+3n 6-42 3
reg,mem - - 10+3n 7-43 3-7
reg32,reg32 - - 10+3n 6-42 3-7
reg32,mem32 - - 10+3n 7-43 3-7
Usage: BSR dest,src
Modifies flags: ZF
Scans source operand for first bit set. Sets ZF if a bit is found
set and loads the destination with an index to first set bit. Clears
ZF is no bits are found set. BSF scans forward across bit pattern
(0-n) while BSR scans in reverse (n-0).
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - 10+3n 6-103 3
reg,mem - - 10+3n 7-104 3-7
reg32,reg32 - - 10+3n 6-103 3-7
reg32,mem32 - - 10+3n 7-104 3-7
Usage: BSWAP reg32
Modifies flags: none
Changes the byte order of a 32 bit register from big endian to
little endian or vice versa. Result left in destination register
is undefined if the operand is a 16 bit register.
Clocks Size
Operands 808x 286 386 486 Bytes
reg32 - - - 1 2
Usage: BT dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 3 3 4-8
mem16,immed8 - - 6 6 4-8
reg16,reg16 - - 3 3 3-7
mem16,reg16 - - 12 12 3-7
BTC - Bit Test with Compliment (386+)
Usage: BTC dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag after being complimented (inverted).
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 6 6 4-8
mem16,immed8 - - 8 8 4-8
reg16,reg16 - - 6 6 3-7
mem16,reg16 - - 13 13 3-7
BTR - Bit Test with Reset (386+)
Usage: BTR dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag and then cleared in the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 6 6 4-8
mem16,immed8 - - 8 8 4-8
reg16,reg16 - - 6 6 3-7
mem16,reg16 - - 13 13 3-7
Usage: BTS dest,src
Modifies flags: CF
The destination bit indexed by the source value is copied into the
Carry Flag and then set in the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,immed8 - - 6 6 4-8
mem16,immed8 - - 8 8 4-8
reg16,reg16 - - 6 6 3-7
mem16,reg16 - - 13 13 3-7
C
Usage: CALL destination
Modifies flags: None
Pushes Instruction Pointer (and Code Segment for far calls) onto
stack and loads Instruction Pointer with the address of proc-name.
Code continues with execution at CS:IP.
Clocks
Operands 808x 286 386 486
rel16 (near, IP relative) 19 7 7+m 3
rel32 (near, IP relative) - - 7+m 3
reg16 (near, register indirect) 16 7 7+m 5
reg32 (near, register indirect) - - 7+m 5
mem16 (near, memory indirect) 21+EA 11 10+m 5
mem32 (near, memory indirect) - - 10+m 5
ptr16:16 (far, full ptr supplied) 28 13 17+m 18
ptr16:32 (far, full ptr supplied) - - 17+m 18
ptr16:16 (far, ptr supplied, prot. mode) - 26 34+m 20
ptr16:32 (far, ptr supplied, prot. mode) - - 34+m 20
m16:16 (far, indirect) 37+EA 16 22+m 17
m16:32 (far, indirect) - - 22+m 17
m16:16 (far, indirect, prot. mode) - 29 38+m 20
m16:32 (far, indirect, prot. mode) - - 38+m 20
ptr16:16 (task, via TSS or task gate) - 177 TS 37+TS
m16:16 (task, via TSS or task gate) - 180/185 5+TS 37+TS
m16:32 (task) - - TS 37+TS
m16:32 (task) - - 5+TS 37+TS
ptr16:16 (gate, same privilege) - 41 52+m 35
ptr16:32 (gate, same privilege) - - 52+m 35
m16:16 (gate, same privilege) - 44 56+m 35
m16:32 (gate, same privilege) - - 56+m 35
ptr16:16 (gate, more priv, no parm) - 82 86+m 69
ptr16:32 (gate, more priv, no parm) - - 86+m 69
m16:16 (gate, more priv, no parm) - 83 90+m 69
m16:32 (gate, more priv, no parm) - - 90+m 69
ptr16:16 (gate, more priv, x parms) - 86+4x 94+4x+m 77+4x
ptr16:32 (gate, more priv, x parms) - - 94+4x+m 77+4x
m16:16 (gate, more priv, x parms) - 90+4x 98+4x+m 77+4x
m16:32 (gate, more priv, x parms) - - 98+4x+m 77+4x
Usage: CBW
Modifies flags: None
Converts byte in AL to word Value in AX by extending sign of AL
throughout register AH.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 3 3 1
CDQ - Convert Double to Quad (386+)
Usage: CDQ
Modifies flags: None
Converts signed DWORD in EAX to a signed quad word in EDX:EAX by
extending the high order bit of EAX throughout EDX
Clocks Size
Operands 808x 286 386 486 Bytes
none - - 2 3 1
Usage: CLC
Modifies flags: CF
Clears the Carry Flag.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
Usage: CLD
Modifies flags: DF
Clears the Direction Flag causing string instructions to increment
the SI and DI index registers.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
CLI - Clear Interrupt Flag (disable)
Usage: CLI
Modifies flags: IF
Disables the maskable hardware interrupts by clearing the Interrupt
flag. NMI's and software interrupts are not inhibited.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 3 5 1
CLTS - Clear Task Switched Flag (286+ privileged)
Usage: CLTS
Modifies flags: None
Clears the Task Switched Flag in the Machine Status Register. This
is a privileged operation and is generally used only by operating
system code.
Clocks Size
Operands 808x 286 386 486 Bytes
none - 2 5 7 2
Usage: CMC
Modifies flags: CF
Toggles (inverts) the Carry Flag
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
Usage: CMP dest,src
Modifies flags: AF CF OF PF SF ZF
Subtracts source from destination and updates the flags but does
not save result. Flags can subsequently be checked for conditions.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 9+EA 7 5 2 2-4 (W88=13+EA)
reg,mem 9+EA 6 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 10+EA 6 5 2 3-6 (W88=14+EA)
accum,immed 4 3 2 1 2-3
CMPS - Compare String (Byte, Word or Doubleword)
Usage: CMPS dest,src
CMPSB
CMPSW
CMPSD (386+)
Modifies flags: AF CF OF PF SF ZF
Subtracts destination value from source without saving results.
Updates flags based on the subtraction and the index registers
(E)SI and (E)DI are incremented or decremented depending on the
state of the Direction Flag. CMPSB inc/decrements the index
registers by 1, CMPSW inc/decrements by 2, while CMPSD increments
or decrements by 4. The REP prefixes can be used to process
entire data items.
Clocks Size
Operands 808x 286 386 486 Bytes
dest,src 22 8 10 8 1 (W88=30)
CMPXCHG - Compare and Exchange
Usage: CMPXCHG dest,src (486+)
Modifies flags: AF CF OF PF SF ZF
Compares the accumulator (8-32 bits) with "dest". If equal the
"dest" is loaded with "src", otherwise the accumulator is loaded
with "dest".
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - - 6 2
mem,reg - - - 7 2
- add 3 clocks if the "mem,reg" comparison fails
CWD - Convert Word to Doubleword
Usage: CWD
Modifies flags: None
Extends sign of word in register AX throughout register DX forming
a doubleword quantity in DX:AX.
Clocks Size
Operands 808x 286 386 486 Bytes
none 5 2 2 3 1
CWDE - Convert Word to Extended Doubleword (386+)
Usage: CWDE
Modifies flags: None
Converts a signed word in AX to a signed doubleword in EAX by
extending the sign bit of AX throughout EAX.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - 3 3 1
D
DAA - Decimal Adjust for Addition
Usage: DAA
Modifies flags: AF CF PF SF ZF (OF undefined)
Corrects result (in AL) of a previous BCD addition operation.
Contents of AL are changed to a pair of packed decimal digits.
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 3 4 2 1
DAS - Decimal Adjust for Subtraction
Usage: DAS
Modifies flags: AF CF PF SF ZF (OF undefined)
Corrects result (in AL) of a previous BCD subtraction operation.
Contents of AL are changed to a pair of packed decimal digits.
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 3 4 2 1
Usage: DEC dest
Modifies flags: AF OF PF SF ZF
Unsigned binary subtraction of one from the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 3 2 2 1 2
mem 15+EA 7 6 3 2-4
reg16/32 3 2 2 1 1
Usage: DIV src
Modifies flags: (AF,CF,OF,PF,SF,ZF undefined)
Unsigned binary division of accumulator by source. If the source
divisor is a byte value then AX is divided by "src" and the quotient
is placed in AL and the remainder in AH. If source operand is a word
value, then DX:AX is divided by "src" and the quotient is stored in AX
and the remainder in DX.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 80-90 14 14 16 2
reg16 144-162 22 22 24 2
reg32 - - 38 40 2
mem8 (86-96)+EA 17 17 16 2-4
mem16 (150-168)+EA 25 25 24 2-4 (W88=158-176+EA)
mem32 - - 41 40 2-4
E
ENTER - Make Stack Frame (80188+)
Usage: ENTER locals,level
Modifies flags: None
Modifies stack for entry to procedure for high level language.
Operand "locals" specifies the amount of storage to be allocated
on the stack. "Level" specifies the nesting level of the routine.
Paired with the LEAVE instruction, this is an efficient method of
entry and exit to procedures.
Clocks Size
Operands 808x 286 386 486 Bytes
immed16,0 - 11 10 14 4
immed16,1 - 15 12 17 4
immed16,immed8 - 12+4(n-1) 15+4(n-1) 17+3n 4
Usage: ESC immed,src
Modifies flags: None
Provides access to the data bus for other resident processors.
The CPU treats it as a NOP but places memory operand on bus.
Clocks Size
Operands 808x 286 386 486 Bytes
immed,reg 2 9-20 ? 2
immed,mem 2 9-20 ? 2-4
H
Usage: HLT
Modifies flags: None
Halts CPU until RESET line is activated, NMI or maskable interrupt
received. The CPU becomes dormant but retains the current CS:IP
for later restart.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 5 4 1
I
IDIV - Signed Integer Division
Usage: IDIV src
Modifies flags: (AF,CF,OF,PF,SF,ZF undefined)
Signed binary division of accumulator by source. If source is a
byte value, AX is divided by "src" and the quotient is stored in
AL and the remainder in AH. If source is a word value, DX:AX is
divided by "src", and the quotient is stored in AL and the
remainder in DX.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 101-112 17 19 19 2
reg16 165-184 25 27 27 2
reg32 - - 43 43 2
mem8 (107-118)+EA 20 22 20 2-4
mem16 (171-190)+EA 38 30 28 2-4 (W88=175-194)
mem32 - - 46 44 2-4
Usage: IMUL src
IMUL src,immed (286+)
IMUL dest,src,immed8 (286+)
IMUL dest,src (386+)
Modifies flags: CF OF (AF,PF,SF,ZF undefined)
Signed multiplication of accumulator by "src" with result placed
in the accumulator. If the source operand is a byte value, it
is multiplied by AL and the result stored in AX. If the source
operand is a word value it is multiplied by AX and the result is
stored in DX:AX. Other variations of this instruction allow
specification of source and destination registers as well as a
third immediate factor.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 80-98 13 9-14 13-18 2
reg16 128-154 21 9-22 13-26 2
reg32 - - 9-38 12-42 2
mem8 86-104 16 12-17 13-18 2-4
mem16 134-160 24 12-25 13-26 2-4
mem32 - - 12-41 13-42 2-4
reg16,reg16 - - 9-22 13-26 3-5
reg32,reg32 - - 9-38 13-42 3-5
reg16,mem16 - - 12-25 13-26 3-5
reg32,mem32 - - 12-41 13-42 3-5
reg16,immed - 21 9-22 13-26 3
reg32,immed - 21 9-38 13-42 3-6
reg16,reg16,immed - 2 9-22 13-26 3-6
reg32,reg32,immed - 21 9-38 13-42 3-6
reg16,mem16,immed - 24 12-25 13-26 3-6
reg32,mem32,immed - 24 12-41 13-42 3-6
IN - Input Byte or Word From Port
Usage: IN accum,port
Modifies flags: None
A byte, word or dword is read from "port" and placed in AL, AX or
EAX respectively. If the port number is in the range of 0-255
it can be specified as an immediate, otherwise the port number
must be specified in DX. Valid port ranges on the PC are 0-1024,
though values through 65535 may be specified and recognized by
third party vendors and PS/2's.
Clocks Size
Operands 808x 286 386 486 Bytes
accum,immed8 10/14 5 12 14 2
accum,immed8 (PM) 6/26 8/28/27 2
accum,DX 8/12 5 13 14 1
accum,DX (PM) 7/27 8/28/27 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing if: CPL ?IOPL
second number is the timing if: CPL > IOPL or in VM 86 mode (386)
CPL ?IOPL (486)
third number is the timing when: virtual mode on 486 processor
- 486 virtual mode always requires 27 cycles
Usage: INC dest
Modifies flags: AF OF PF SF ZF
Adds one to destination unsigned binary operand.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 3 2 2 1 2
reg16 3 2 2 1 1
reg32 3 2 2 1 1
mem 15+EA 7 6 3 2-4 (W88=23+EA)
INS - Input String from Port (80188+)
Usage: INS dest,port
INSB
INSW
INSD (386+)
Modifies flags: None
Loads data from port to the destination ES:(E)DI (even if a
destination operand is supplied). (E)DI is adjusted by the size
of the operand and increased if the Direction Flag is cleared and
decreased if the Direction Flag is set. For INSB, INSW, INSD no
operands are allowed and the size is determined by the mnemonic.
Clocks Size
Operands 808x 286 386 486 Bytes
dest,port - 5 15 17 1
dest,port (PM) - 5 9/29 10/32/30 1
none - 5 15 17 1
none (PM) - 5 9/29 10/32/30 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing if: CPL ?IOPL
second number is the timing if: CPL > IOPL
third number is the timing if: virtual mode on 486 processor
Usage: INT num
Modifies flags: TF IF
Initiates a software interrupt by pushing the flags, clearing the
Trap and Interrupt Flags, pushing CS followed by IP and loading
CS:IP with the value found in the interrupt vector table. Execution
then begins at the location addressed by the new CS:IP
Clocks Size
Operands 808x 286 386 486 Bytes
3 (constant) 52/72 23+m 33 26 2
3 (prot. mode, same priv.) - 40+m 59 44 2
3 (prot. mode, more priv.) - 78+m 99 71 2
3 (from VM86 to PL 0) - - 119 82 2
3 (prot. mode via task gate) - 167+m TS 37+TS 2
immed8 51/71 23+m 37 30 1
immed8 (prot. mode, same priv.) - 40+m 59 44 1
immed8 (prot. mode, more priv.) - 78+m 99 71 1
immed8 (from VM86 to PL 0) - - 119 86 1
immed8 (prot. mode, via task gate) - 167+m TS 37+TS 1
Usage: INTO
Modifies flags: IF TF
If the Overflow Flag is set this instruction generates an INT 4
which causes the code addressed by 0000:0010 to be executed.
Clocks Size
Operands 808x 286 386 486 Bytes
none: jump 53/73 24+m 35 28 1
no jump 4 3 3 3
(prot. mode, same priv.) - - 59 46 1
(prot. mode, more priv.) - - 99 73 1
(from VM86 to PL 0) - - 119 84 1
(prot. mode, via task gate) - TS 39+TS 1
INVD - Invalidate Cache (486+)
Usage: INVD
Modifies flags: none
Flushes CPU internal cache. Issues special function bus cycle
which indicates to flush external caches. Data in write-back
external caches is lost.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - - 4 2
INVLPG - Invalidate Translation Look-Aside Buffer Entry (486+)
Usage: INVLPG
Modifies flags: none
Invalidates a single page table entry in the Translation
Look-Aside Buffer. Intel warns that this instruction may be
implemented differently on future processors.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - - 12 2
- timing is for TLB entry hit only.
Usage: IRET
IRETD (386+)
Modifies flags: AF CF DF IF PF SF TF ZF
Returns control to point of interruption by popping IP, CS
and then the Flags from the stack and continues execution at
this location. CPU exception interrupts will return to the
instruction that cause the exception because the CS:IP placed
on the stack during the interrupt is the address of the offending
instruction.
Clocks Size
Operands 808x 286 386 486 Bytes
iret 32/44 17+m 22 15 1
iret (prot. mode) - 31+m 38 15 1
iret (to less privilege) - 55+m 82 36 1
iret (different task, NT=1) - 169+m TS TS+32 1
iretd - - 22/38 15 1
iretd (to less privilege) - - 82 36 1
iretd (to VM86 mode) - - 60 15 1
iretd (different task, NT=1) - - TS TS+32 1
- 386 timings are listed as real-mode/protected-mode
J
Mnemonic Meaning Jump Condition
JA Jump if Above CF=0 and ZF=0
JAE Jump if Above or Equal CF=0
JB Jump if Below CF=1
JBE Jump if Below or Equal CF=1 or ZF=1
JC Jump if Carry CF=1
JCXZ Jump if CX Zero CX=0
JE Jump if Equal ZF=1
JG Jump if Greater (signed) ZF=0 and SF=OF
JGE Jump if Greater or Equal (signed) SF=OF
JL Jump if Less (signed) SF != OF
JLE Jump if Less or Equal (signed) ZF=1 or SF != OF
JMP Unconditional Jump unconditional
JNA Jump if Not Above CF=1 or ZF=1
JNAE Jump if Not Above or Equal CF=1
JNB Jump if Not Below CF=0
JNBE Jump if Not Below or Equal CF=0 and ZF=0
JNC Jump if Not Carry CF=0
JNE Jump if Not Equal ZF=0
JNG Jump if Not Greater (signed) ZF=1 or SF != OF
JNGE Jump if Not Greater or Equal (signed) SF != OF
JNL Jump if Not Less (signed) SF=OF
JNLE Jump if Not Less or Equal (signed) ZF=0 and SF=OF
JNO Jump if Not Overflow (signed) OF=0
JNP Jump if No Parity PF=0
JNS Jump if Not Signed (signed) SF=0
JNZ Jump if Not Zero ZF=0
JO Jump if Overflow (signed) OF=1
JP Jump if Parity PF=1
JPE Jump if Parity Even PF=1
JPO Jump if Parity Odd PF=0
JS Jump if Signed (signed) SF=1
JZ Jump if Zero ZF=1
Clocks Size
Operands 808x 286 386 486 Bytes
Jx: jump 16 7+m 7+m 3 2
no jump 4 3 3 1
Jx near-label - - 7+m 3 4
no jump - - 3 1
- It's a good programming practice to organize code so the
expected case is executed without a jump since the actual
jump takes longer to execute than falling through the test.
- see JCXZ and JMP for their respective timings
JCXZ/JECXZ - Jump if Register (E)CX is Zero
Usage: JCXZ label
JECXZ label (386+)
Modifies flags: None
Causes execution to branch to "label" if register CX is zero. Uses
unsigned comparision.
Clocks Size
Operands 808x 286 386 486 Bytes
label: jump 18 8+m 9+m 8 2
no jump 6 4 5 5
Usage: JMP target
Modifies flags: None
Unconditionally transfers control to "label". Jumps by default
are within -32768 to 32767 bytes from the instruction following
the jump. NEAR and SHORT jumps cause the IP to be updated while FAR
jumps cause CS and IP to be updated.
Clocks
Operands 808x 286 386 486
rel8 (relative) 15 7+m 7+m 3
rel16 (relative) 15 7+m 7+m 3
rel32 (relative) - - 7+m 3
reg16 (near, register indirect) 11 7+m 7+m 5
reg32 (near, register indirect) - - 7+m 5
mem16 (near, mem indirect) 18+EA 11+m 10+m 5
mem32 (near, mem indirect) 24+EA 15+m 10+m 5
ptr16:16 (far, dword immed) - - 12+m 17
ptr16:16 (far, PM dword immed) - - 27+m 19
ptr16:16 (call gate, same priv.) - 38+m 45+m 32
ptr16:16 (via TSS) - 175+m TS 42+TS
ptr16:16 (via task gate) - 180+m TS 43+TS
mem16:16 (far, indirect) - - 43+m 13
mem16:16 (far, PM indirect) - - 31+m 18
mem16:16 (call gate, same priv.) - 41+m 49+m 31
mem16:16 (via TSS) - 178+m 5+TS 41+TS
mem16:16 (via task gate) - 183+m 5+TS 42+TS
ptr16:32 (far, 6 byte immed) - - 12+m 13
ptr16:32 (far, PM 6 byte immed) - - 27+m 18
ptr16:32 (call gate, same priv.) - - 45+m 31
ptr16:32 (via TSS) - - TS 42+TS
ptr16:32 (via task state) - - TS 43+TS
m16:32 (far, address at dword) - - 43+m 13
m16:32 (far, address at dword) - - 31+m 18
m16:32 (call gate, same priv.) - - 49+m 31
m16:32 (via TSS) - - 5+TS 41+TS
m16:32 (via task state) - - 5+TS 42+TS
L
LAHF - Load Register AH From Flags
Usage: LAHF
Modifies flags: None
Copies bits 0-7 of the flags register into AH. This includes flags
AF, CF, PF, SF and ZF other bits are undefined.
AH := SF ZF xx AF xx PF xx CF
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 2 2 3 1
LAR - Load Access Rights (286+ protected)
Usage: LAR dest,src
Modifies flags: ZF
The high byte of the of the destination register is overwritten by
the value of the access rights byte and the low order byte is zeroed
depending on the selection in the source operand. The Zero Flag is
set if the load operation is successful.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,reg16 - 14 15 11 3
reg32,reg32 - - 15 11 3
reg16,mem16 - 16 16 11 3-7
reg32,mem32 - - 16 11 3-7
Usage: LDS dest,src
Modifies flags: None
Loads 32-bit pointer from memory source to destination register
and DS. The offset is placed in the destination register and the
segment is placed in DS. To use this instruction the word at the
lower memory address must contain the offset and the word at the
higher address must contain the segment. This simplifies the loading
of far pointers from the stack and the interrupt vector table.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,mem32 16+EA 7 7 6 2-4
reg,mem (PM) - - 22 12 5-7
Usage: LEA dest,src
Modifies flags: None
Transfers offset address of "src" to the destination register.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,mem 2+EA 3 2 1 2-4
- the MOV instruction can often save clock cycles when used in
place of LEA on 8088 processors
LEAVE - Restore Stack for Procedure Exit (80188+)
Usage: LEAVE
Modifies flags: None
Releases the local variables created by the previous ENTER
instruction by restoring SP and BP to their condition before
the procedure stack frame was initialized.
Clocks Size
Operands 808x 286 386 486 Bytes
none - 5 4 5 1
Usage: LES dest,src
Modifies flags: None
Loads 32-bit pointer from memory source to destination register
and ES. The offset is placed in the destination register and the
segment is placed in ES. To use this instruction the word at the
lower memory address must contain the offset and the word at the
higher address must contain the segment. This simplifies the loading
of far pointers from the stack and the interrupt vector table.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,mem 16+EA 7 7 6 2-4 (W88=24+EA)
reg,mem (PM) - - 22 12 5-7
LFS - Load Pointer Using FS (386+)
Usage: LFS dest,src
Modifies flags: None
Loads 32-bit pointer from memory source to destination register
and FS. The offset is placed in the destination register and the
segment is placed in FS. To use this instruction the word at the
lower memory address must contain the offset and the word at the
higher address must contain the segment. This simplifies the loading
of far pointers from the stack and the interrupt vector table.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,mem - - 7 6 5-7
reg,mem (PM) - - 22 12 5-7
LGDT - Load Global Descriptor Table (286+ privileged)
Usage: LGDT src
Modifies flags: None
Loads a value from an operand into the Global Descriptor Table
(GDT) register.
Clocks Size
Operands 808x 286 386 486 Bytes
mem64 - 11 11 11 5
LIDT - Load Interrupt Descriptor Table (286+ privileged)
Usage: LIDT src
Modifies flags: None
Loads a value from an operand into the Interrupt Descriptor Table
(IDT) register.
Clocks Size
Operands 808x 286 386 486 Bytes
mem64 - 12 11 11 5
LGS - Load Pointer Using GS (386+)
Usage: LGS dest,src
Modifies flags: None
Loads 32-bit pointer from memory source to destination register
and GS. The offset is placed in the destination register and the
segment is placed in GS. To use this instruction the word at the
lower memory address must contain the offset and the word at the
higher address must contain the segment. This simplifies the loading
of far pointers from the stack and the interrupt vector table.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,mem - - 7 6 5-7
reg,mem (PM) - - 22 12 5-7
LLDT - Load Local Descriptor Table (286+ privileged)
Usage: LLDT src
Modifies flags: None
Loads a value from an operand into the Local Descriptor Table
Register (LDTR).
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 17 20 11 3
mem16 - 19 24 11 5
LMSW - Load Machine Status Word (286+ privileged)
Usage: LMSW src
Modifies flags: None
Loads the Machine Status Word (MSW) from data found at "src"
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 3 10 13 3
mem16 - 6 13 13 5
Usage: LOCK
LOCK: (386+ prefix)
Modifies flags: None
This instruction is a prefix that causes the CPU assert bus lock
signal during the execution of the next instruction. Used to
avoid two processors from updating the same data location. The
286 always asserts lock during an XCHG with memory operands. This
should only be used to lock the bus prior to XCHG, MOV, IN and
OUT instructions.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 0 0 1 1
LODS - Load String (Byte, Word or Double)
Usage: LODS src
LODSB
LODSW
LODSD (386+)
Modifies flags: None
Transfers string element addressed by DS:SI (even if an operand is
supplied) to the accumulator. SI is incremented based on the size
of the operand or based on the instruction used. If the Direction
Flag is set SI is decremented, if the Direction Flag is clear SI
is incremented. Use with REP prefixes.
Clocks Size
Operands 808x 286 386 486 Bytes
src 12/16 5 5 5 1
LOOP - Decrement CX and Loop if CX Not Zero
Usage: LOOP label
Modifies flags: None
Decrements CX by 1 and transfers control to "label" if CX is not
Zero. The "label" operand must be within -128 or 127 bytes of the
instruction following the loop instruction
Clocks Size
Operands 808x 286 386 486 Bytes
label: jump 18 8+m 11+m 6 2
no jump 5 4 ? 2
LOOPE/LOOPZ - Loop While Equal / Loop While Zero
Usage: LOOPE label
LOOPZ label
Modifies flags: None
Decrements CX by 1 (without modifying the flags) and transfers
control to "label" if CX != 0 and the Zero Flag is set. The
"label" operand must be within -128 or 127 bytes of the instruction
following the loop instruction.
Clocks Size
Operands 808x 286 386 486 Bytes
label: jump 18 8+m 11+m 9 2
no jump 5 4 ? 6
LOOPNZ/LOOPNE - Loop While Not Zero / Loop While Not Equal
Usage: LOOPNZ label
LOOPNE label
Modifies flags: None
Decrements CX by 1 (without modifying the flags) and transfers
control to "label" if CX != 0 and the Zero Flag is clear. The
"label" operand must be within -128 or 127 bytes of the instruction
following the loop instruction.
Clocks Size
Operands 808x 286 386 486 Bytes
label: jump 19 8+m 11+m 9 2
no jump 5 4 ? 6
LSL - Load Segment Limit (286+ protected)
Usage: LSL dest,src
Modifies flags: ZF
Loads the segment limit of a selector into the destination register
if the selector is valid and visible at the current privilege level.
If loading is successful the Zero Flag is set, otherwise it is
cleared.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,reg16 - 14 20/25 10 3
reg32,reg32 - - 20/25 10 3
reg16,mem16 - 16 21/26 10 5
reg32,mem32 - - 21/26 10 5
- 386 times are listed "byte granular" / "page granular"
LSS - Load Pointer Using SS (386+)
Usage: LSS dest,src
Modifies flags: None
Loads 32-bit pointer from memory source to destination register
and SS. The offset is placed in the destination register and the
segment is placed in SS. To use this instruction the word at the
lower memory address must contain the offset and the word at the
higher address must contain the segment. This simplifies the loading
of far pointers from the stack and the interrupt vector table.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,mem - - 7 6 5-7
reg,mem (PM) - - 22 12 5-7
LTR - Load Task Register (286+ privileged)
Usage: LTR src
Modifies flags: None
Loads the current task register with the value specified in "src".
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 17 23 20 3
mem16 - 19 27 20 5
M
Usage: MOV dest,src
Modifies flags: None
Copies byte or word from the source operand to the destination
operand. If the destination is SS interrupts are disabled except
on early buggy 808x CPUs. Some CPUs disable interrupts if the
destination is any of the segment registers
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 2 2 2 1 2
mem,reg 9+EA 3 2 1 2-4 (W88=13+EA)
reg,mem 8+EA 5 4 1 2-4 (W88=12+EA)
mem,immed 10+EA 3 2 1 3-6 (W88=14+EA)
reg,immed 4 2 2 1 2-3
mem,accum 10 3 2 1 3 (W88=14)
accum,mem 10 5 4 1 3 (W88=14)
segreg,reg16 2 2 2 3 2
segreg,mem16 8+EA 5 5 9 2-4 (W88=12+EA)
reg16,segreg 2 2 2 3 2
mem16,segreg 9+EA 3 2 3 2-4 (W88=13+EA)
reg32,CR0/CR2/CR3 - - 6 4
CR0,reg32 - - 10 16
CR2,reg32 - - 4 4 3
CR3,reg32 - - 5 4 3
reg32,DR0/DR1/DR2/DR3 - 22 10 3
reg32,DR6/DR7 - - 22 10 3
DR0/DR1/DR2/DR3,reg32 - 22 11 3
DR6/DR7,reg32 - - 16 11 3
reg32,TR6/TR7 - - 12 4 3
TR6/TR7,reg32 - - 12 4 3
reg32,TR3 3
TR3,reg32 6
- when the 386 special registers are used all operands are 32 bits
MOVS - Move String (Byte or Word)
Usage: MOVS dest,src
MOVSB
MOVSW
MOVSD (386+)
Modifies flags: None
Copies data from addressed by DS:SI (even if operands are given) to
the location ES:DI destination and updates SI and DI based on the
size of the operand or instruction used. SI and DI are incremented
when the Direction Flag is cleared and decremented when the Direction
Flag is Set. Use with REP prefixes.
Clocks Size
Operands 808x 286 386 486 Bytes
dest,src 18 5 7 7 1 (W88=26)
MOVSX - Move with Sign Extend (386+)
Usage: MOVSX dest,src
Modifies flags: None
Copies the value of the source operand to the destination register
with the sign extended.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - 3 3 3
reg,mem - - 6 3 3-7
MOVZX - Move with Zero Extend (386+)
Usage: MOVZX dest,src
Modifies flags: None
Copies the value of the source operand to the destination register
with the zeroes extended.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg - - 3 3 3
reg,mem - - 6 3 3-7
Usage: MUL src
Modifies flags: CF OF (AF,PF,SF,ZF undefined)
Unsigned multiply of the accumulator by the source. If "src" is
a byte value, then AL is used as the other multiplicand and the
result is placed in AX. If "src" is a word value, then AX is
multiplied by "src" and DX:AX receives the result. If "src" is
a double word value, then EAX is multiplied by "src" and EDX:EAX
receives the result. The 386+ uses an early out algorithm which
makes multiplying any size value in EAX as fast as in the 8 or 16
bit registers.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 70-77 13 9-14 13-18 2
reg16 118-113 21 9-22 13-26 2
reg32 - - 9-38 13-42 2-4
mem8 (76-83)+EA 16 12-17 13-18 2-4
mem16 (124-139)+EA 24 12-25 13-26 2-4
mem32 - - 12-21 13-42 2-4
N
NEG - Two's Complement Negation
Usage: NEG dest
Modifies flags: AF CF OF PF SF ZF
Subtracts the destination from 0 and saves the 2s complement of
"dest" back into "dest".
Clocks Size
Operands 808x 286 386 486 Bytes
reg 3 2 2 1 2
mem 16+EA 7 6 3 2-4 (W88=24+EA)
Usage: NOP
Modifies flags: None
This is a do nothing instruction. It results in occupation of both
space and time and is most useful for patching code segments.
(This is the original XCHG AL,AL instruction)
Clocks Size
Operands 808x 286 386 486 Bytes
none 3 3 3 1 1
NOT - One's Compliment Negation (Logical NOT)
Usage: NOT dest
Modifies flags: None
Inverts the bits of the "dest" operand forming the 1s complement.
Clocks Size
Operands 808x 286 386 486 Bytes
reg 3 2 2 1 2
mem 16+EA 7 6 3 2-4 (W88=24+EA)
O
Usage: OR dest,src
Modifies flags: CF OF PF SF ZF (AF undefined)
Logical inclusive OR of the two operands returning the result in
the destination. Any bit set in either operand will be set in the
destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 7 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 6 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem8,immed8 17+EA 7 7 3 3-6
mem16,immed16 25+EA 7 7 3 3-6
accum,immed 4 3 2 1 2-3
Usage: OUT port,accum
Modifies flags: None
Transfers byte in AL,word in AX or dword in EAX to the specified
hardware port address. If the port number is in the range of 0-255
it can be specified as an immediate. If greater than 255 then the
port number must be specified in DX. Since the PC only decodes 10
bits of the port address, values over 1023 can only be decoded by
third party vendor equipment and also map to the port range 0-1023.
Clocks Size
Operands 808x 286 386 486 Bytes
immed8,accum 10/14 3 10 16 2
immed8,accum (PM) - - 4/24 11/31/29 2
DX,accum 8/12 3 11 16 1
DX,accum (PM) - - 5/25 10/30/29 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing when: CPL ≤ IOPL
second number is the timing when: CPL > IOPL
third number is the timing when: virtual mode on 486 processor
OUTS - Output String to Port (80188+)
Usage: OUTS port,src
OUTSB
OUTSW
OUTSD (386+)
Modifies flags: None
Transfers a byte, word or doubleword from "src" to the hardware
port specified in DX. For instructions with no operands the "src"
is located at DS:SI and SI is incremented or decremented by the
size of the operand or the size dictated by the instruction format.
When the Direction Flag is set SI is decremented, when clear, SI is
incremented. If the port number is in the range of 0-255 it can
be specified as an immediate. If greater than 255 then the port
number must be specified in DX. Since the PC only decodes 10 bits
of the port address, values over 1023 can only be decoded by third
party vendor equipment and also map to the port range 0-1023.
Clocks Size
Operands 808x 286 386 486 Bytes
port,src - 5 14 17 1
port,src (PM) - - 8/28 10/32/30 1
- 386+ protected mode timings depend on privilege levels.
first number is the timing when: CPL ≤ IOPL
second number is the timing when: CPL > IOPL
third number is the timing when: virtual mode on 486 processor
P
Usage: POP dest
Modifies flags: None
Transfers word at the current stack top (SS:SP) to the destination
then increments SP by two to point to the new stack top. CS is not
a valid destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 8 5 4 4 1
reg32 4 - - 4 1
segreg 8 5 7 3 1
mem16 17+EA 5 5 6 2-4
mem32 5 - - 6 2-4
POPA/POPAD - Pop All Registers onto Stack (80188+)
Usage: POPA
POPAD (386+)
Modifies flags: None
Pops the top 8 words off the stack into the 8 general purpose 16/32
bit registers. Registers are popped in the following order: (E)DI,
(E)SI, (E)BP, (E)SP, (E)DX, (E)CX and (E)AX. The (E)SP value popped
from the stack is actually discarded.
Clocks Size
Operands 808x 286 386 486 Bytes
none - 19 24 9 1
POPF/POPFD - Pop Flags off Stack
Usage: POPF
POPFD (386+)
Modifies flags: all flags
Pops word/doubleword from stack into the Flags Register and then
increments SP by 2 (for POPF) or 4 (for POPFD).
Clocks Size
Operands 808x 286 386 486 Bytes
none 8/12 5 5 9 1 (W88=12)
none (PM) - - 5 6 1
Usage: PUSH src
PUSH immed (80188+ only)
Modifies flags: None
Decrements SP by the size of the operand (two or four, byte values
are sign extended) and transfers one word from source to the stack
top (SS:SP).
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 11/15 3 2 1 1
reg32 - - 2 1 1
mem16 16+EA 5 5 4 2-4 (W88=24+EA)
mem32 - - 5 4 2-4
segreg 10/14 3 2 3 1
immed - 3 2 1 2-3
PUSHA/PUSHAD - Push All Registers onto Stack (80188+)
Usage: PUSHA
PUSHAD (386+)
Modifies flags: None
Pushes all general purpose registers onto the stack in the following
order: (E)AX, (E)CX, (E)DX, (E)BX, (E)SP, (E)BP, (E)SI, (E)DI. The
value of SP is the value before the actual push of SP.
Clocks Size
Operands 808x 286 386 486 Bytes
none - 19 24 11 1
PUSHF/PUSHFD - Push Flags onto Stack
Usage: PUSHF
PUSHFD (386+)
Modifies flags: None
Transfers the Flags Register onto the stack. PUSHF saves a 16 bit
value while PUSHFD saves a 32 bit value.
Clocks Size
Operands 808x 286 386 486 Bytes
none 10/14 3 4 4 1
none (PM) - - 4 3 1
R
RCL - Rotate Through Carry Left
Usage: RCL dest,count
Modifies flags: CF OF
+-+ +---------------+
+-+|C|<+--+|7 <---------- 0|<-+
| +-+ +---------------+ |
+-----------------------------+
Rotates the bits in the destination to the left "count" times with
all data pushed out the left side re-entering on the right. The
Carry Flag holds the last bit rotated out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 9 3 2
mem,1 15+EA 7 10 4 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 9 8-30 2
mem,CL 20+EA+4n 8+n 10 9-31 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 9 8-30 3
mem,immed8 - 8+n 10 9-31 3-5
RCR - Rotate Through Carry Right
Usage: RCR dest,count
Modifies flags: CF OF
+---------------+ +-+
+->|7 +---------> 0|+--->|C|+-+
| +---------------+ +-+ |
+-----------------------------+
Rotates the bits in the destination to the right "count" times with
all data pushed out the right side re-entering on the left. The
Carry Flag holds the last bit rotated out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 9 3 2
mem,1 15+EA 7 10 4 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 9 8-30 2
mem,CL 20+EA+4n 8+n 10 9-31 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 9 8-30 3
mem,immed8 - 8+n 10 9-31 3-5
Usage: REP
Modifies flags: None
Repeats execution of string instructions while CX != 0. After
each string operation, CX is decremented and the Zero Flag is
tested. The combination of a repeat prefix and a segment override
on CPU's before the 386 may result in errors if an interrupt occurs
before CX=0. The following code shows code that is susceptible to
this and how to avoid it:
again: rep movs byte ptr ES:[DI],ES:[SI] ; vulnerable instr.
jcxz next ; continue if REP successful
loop again ; interrupt goofed count
next:
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 1
REPE/REPZ - Repeat Equal / Repeat Zero
Usage: REPE
REPZ
Modifies flags: None
Repeats execution of string instructions while CX != 0 and the Zero
Flag is set. CX is decremented and the Zero Flag tested after
each string operation. The combination of a repeat prefix and a
segment override on processors other than the 386 may result in
errors if an interrupt occurs before CX=0.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 1
REPNE/REPNZ - Repeat Not Equal / Repeat Not Zero
Usage: REPNE
REPNZ
Modifies flags: None
Repeats execution of string instructions while CX != 0 and the Zero
Flag is clear. CX is decremented and the Zero Flag tested after
each string operation. The combination of a repeat prefix and a
segment override on processors other than the 386 may result in
errors if an interrupt occurs before CX=0.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 1
RET/RETF - Return From Procedure
Usage: RET nBytes
RETF nBytes
RETN nBytes
Modifies flags: None
Transfers control from a procedure back to the instruction address
saved on the stack. "n bytes" is an optional number of bytes to
release. Far returns pop the IP followed by the CS, while near
returns pop only the IP register.
Clocks Size
Operands 808x 286 386 486 Bytes
retn 16/20 11+m 10+m 5 1
retn immed 20/24 11+m 10+m 5 3
retf 26/34 15+m 18+m 13 1
retf (PM, same priv.) - 32+m 18 1
retf (PM, lesser priv.) - 68 33 1
retf immed 25/33 15+m 18+m 14 3
retf immed (PM, same priv.) 32+m 17 1
retf immed (PM, lesser priv.) 68 33 1
Usage: ROL dest,count
Modifies flags: CF OF
+-+ +---------------+
|C|<++-+|7 <---------- 0|<-+
+-+ | +---------------+ |
+---------------------+
Rotates the bits in the destination to the left "count" times with
all data pushed out the left side re-entering on the right. The
Carry Flag will contain the value of the last bit rotated out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 3 3 2
mem,1 15+EA 7 7 4 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 3 3 2
mem,CL 20+EA+4n 8+n 7 4 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 3 2 3
mem,immed8 - 8+n 7 4 3-5
Usage: ROR dest,count
Modifies flags: CF OF
+---------------+ +-+
+->|7 +---------> 0|+-+->|C|
| +---------------+ | +-+
+---------------------+
Rotates the bits in the destination to the right "count" times with
all data pushed out the right side re-entering on the left. The
Carry Flag will contain the value of the last bit rotated out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 3 3 2
mem,1 15+EA 7 7 4 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 3 3 2
mem,CL 20+EA+4n 8+n 7 4 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 3 2 3
mem,immed8 - 8+n 7 4 3-5
S
SAHF - Store AH Register into FLAGS
Usage: SAHF
Modifies flags: AF CF PF SF ZF
Transfers bits 0-7 of AH into the Flags Register. This includes
AF, CF, PF, SF and ZF.
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 2 3 2 1
SAL/SHL - Shift Arithmetic Left / Shift Logical Left
Usage: SAL dest,count
SHL dest,count
Modifies flags: CF OF PF SF ZF (AF undefined)
+-+ +---------------+ +-+
|C|<---+|7 <---------- 0|<---+|0|
+-+ +---------------+ +-+
Shifts the destination left by "count" bits with zeroes shifted
in on right. The Carry Flag contains the last bit shifted out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 3 3 2
mem,1 15+EA 7 7 4 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 3 3 2
mem,CL 20+EA+4n 8+n 7 4 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 3 2 3
mem,immed8 - 8+n 7 4 3-5
Usage: SAR dest,count
Modifies flags: CF OF PF SF ZF (AF undefined)
+---------------+ +-+
+-+|7 ----------> 0|---+>|C|
| +---------------+ +-+
+---^
Shifts the destination right by "count" bits with the current sign
bit replicated in the leftmost bit. The Carry Flag contains the
last bit shifted out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 3 3 2
mem,1 15+EA 7 7 4 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 3 3 2
mem,CL 20+EA+4n 8+n 7 4 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 3 2 3
mem,immed8 - 8+n 7 4 3-5
SBB - Subtract with Borrow/Carry
Usage: SBB dest,src
Modifies flags: AF CF OF PF SF ZF
Subtracts the source from the destination, and subtracts 1 extra if
the Carry Flag is set. Results are returned in "dest".
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 6 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 7 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=25+EA)
accum,immed 4 3 2 1 2-3
SCAS - Scan String (Byte, Word or Doubleword)
Usage: SCAS string
SCASB
SCASW
SCASD (386+)
Modifies flags: AF CF OF PF SF ZF
Compares value at ES:DI (even if operand is specified) from the
accumulator and sets the flags similar to a subtraction. DI is
incremented/decremented based on the instruction format (or
operand size) and the state of the Direction Flag. Use with REP
prefixes.
Clocks Size
Operands 808x 286 386 486 Bytes
string 15 7 7 6 1 (W88=19)
SETAE/SETNB - Set if Above or Equal / Set if Not Below (386+)
Usage: SETAE dest
SETNB dest
(unsigned, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Carry Flag is clear
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETB/SETNAE - Set if Below / Set if Not Above or Equal (386+)
Usage: SETB dest
SETNAE dest
(unsigned, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Carry Flag is set
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETBE/SETNA - Set if Below or Equal / Set if Not Above (386+)
Usage: SETBE dest
SETNA dest
(unsigned, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Carry Flag or the Zero
Flag is set, otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETE/SETZ - Set if Equal / Set if Zero (386+)
Usage: SETE dest
SETZ dest
Modifies flags: none
Sets the byte in the operand to 1 if the Zero Flag is set,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETNE/SETNZ - Set if Not Equal / Set if Not Zero (386+)
Usage: SETNE dest
SETNZ dest
Modifies flags: none
Sets the byte in the operand to 1 if the Zero Flag is clear,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETL/SETNGE - Set if Less / Set if Not Greater or Equal (386+)
Usage: SETL dest
SETNGE dest
(signed, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Sign Flag is not equal
to the Overflow Flag, otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETGE/SETNL - Set if Greater or Equal / Set if Not Less (386+)
Usage: SETGE dest
SETNL dest
(signed, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Sign Flag equals the
Overflow Flag, otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETLE/SETNG - Set if Less or Equal / Set if Not greater or Equal (386+)
Usage: SETLE dest
SETNG dest
(signed, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Zero Flag is set or the
Sign Flag is not equal to the Overflow Flag, otherwise sets the
operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETG/SETNLE - Set if Greater / Set if Not Less or Equal (386+)
Usage: SETG dest
SETNLE dest
(signed, 386+)
Modifies flags: none
Sets the byte in the operand to 1 if the Zero Flag is clear or the
Sign Flag equals to the Overflow Flag, otherwise sets the operand
to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
Usage: SETS dest
Modifies flags: none
Sets the byte in the operand to 1 if the Sign Flag is set, otherwise
sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETNS - Set if Not Signed (386+)
Usage: SETNS dest
Modifies flags: none
Sets the byte in the operand to 1 if the Sign Flag is clear,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
Usage: SETC dest
Modifies flags: none
Sets the byte in the operand to 1 if the Carry Flag is set,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETNC - Set if Not Carry (386+)
Usage: SETNC dest
Modifies flags: none
Sets the byte in the operand to 1 if the Carry Flag is clear,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
Usage: SETO dest
Modifies flags: none
Sets the byte in the operand to 1 if the Overflow Flag is set,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETNO - Set if Not Overflow (386+)
Usage: SETNO dest
Modifies flags: none
Sets the byte in the operand to 1 if the Overflow Flag is clear,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETP/SETPE - Set if Parity / Set if Parity Even (386+)
Usage: SETP dest
SETPE dest
Modifies flags: none
Sets the byte in the operand to 1 if the Parity Flag is set,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SETNP/SETPO - Set if No Parity / Set if Parity Odd (386+)
Usage: SETNP dest
SETPO dest
Modifies flags: none
Sets the byte in the operand to 1 if the Parity Flag is clear,
otherwise sets the operand to 0.
Clocks Size
Operands 808x 286 386 486 Bytes
reg8 - - 4 3 3
mem8 - - 5 4 3
SGDT - Store Global Descriptor Table (286+ privileged)
Usage: SGDT dest
Modifies flags: none
Stores the Global Descriptor Table (GDT) Register into the
specified operand.
Clocks Size
Operands 808x 286 386 486 Bytes
mem64 - 11 9 10 5
SIDT - Store Interrupt Descriptor Table (286+ privileged)
Usage: SIDT dest
Modifies flags: none
Stores the Interrupt Descriptor Table (IDT) Register into the
specified operand.
Clocks Size
Operands 808x 286 386 486 Bytes
mem64 - 12 9 10 5
See: SAL
Usage: SHR dest,count
Modifies flags: CF OF PF SF ZF (AF undefined)
+-+ +---------------+ +-+
|0|---+>|7 ----------> 0|---+>|C|
+-+ +---------------+ +-+
Shifts the destination right by "count" bits with zeroes shifted
in on the left. The Carry Flag contains the last bit shifted out.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,1 2 2 3 2
mem,1 15+EA 7 7 2-4 (W88=23+EA)
reg,CL 8+4n 5+n 3 2
mem,CL 20+EA+4n 8+n 7 2-4 (W88=28+EA+4n)
reg,immed8 - 5+n 3 3
mem,immed8 - 8+n 7 3-5
SHLD/SHRD - Double Precision Shift (386+)
Usage: SHLD dest,src,count
SHRD dest,src,count
Modifies flags: CF PF SF ZF (OF,AF undefined)
SHLD shifts "dest" to the left "count" times and the bit positions
opened are filled with the most significant bits of "src". SHRD
shifts "dest" to the right "count" times and the bit positions
opened are filled with the least significant bits of the second
operand. Only the 5 lower bits of "count" are used.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16,reg16,immed8 - - 3 2 4
reg32,reg32,immed8 - - 3 2 4
mem16,reg16,immed8 - - 7 3 6
mem32,reg32,immed8 - - 7 3 6
reg16,reg16,CL - - 3 3 3
reg32,reg32,CL - - 3 3 3
mem16,reg16,CL - - 7 4 5
mem32,reg32,CL - - 7 4 5
SLDT - Store Local Descriptor Table (286+ privileged)
Usage: SLDT dest
Modifies flags: none
Stores the Local Descriptor Table (LDT) Register into the
specified operand.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 2 2 2 3
mem16 - 2 2 3 5
SMSW - Store Machine Status Word (286+ privileged)
Usage: SMSW dest
Modifies flags: none
Store Machine Status Word (MSW) into "dest".
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 2 10 2 3
mem16 - 3 3 3 5
Usage: STC
Modifies flags: CF
Sets the Carry Flag to 1.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
Usage: STD
Modifies flags: DF
Sets the Direction Flag to 1 causing string instructions to
auto-decrement SI and DI instead of auto-increment.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 2 1
STI - Set Interrupt Flag (Enable Interrupts)
Usage: STI
Modifies flags: IF
Sets the Interrupt Flag to 1, which enables recognition of all
hardware interrupts. If an interrupt is generated by a hardware
device, an End of Interrupt (EOI) must also be issued to enable
other hardware interrupts of the same or lower priority.
Clocks Size
Operands 808x 286 386 486 Bytes
none 2 2 2 5 1
STOS - Store String (Byte, Word or Doubleword)
Usage: STOS dest
STOSB
STOSW
STOSD
Modifies flags: None
Stores value in accumulator to location at ES:(E)DI (even if operand
is given). (E)DI is incremented/decremented based on the size of
the operand (or instruction format) and the state of the Direction
Flag. Use with REP prefixes.
Clocks Size
Operands 808x 286 386 486 Bytes
dest 11 3 4 5 1 (W88=15)
STR - Store Task Register (286+ privileged)
Usage: STR dest
Modifies flags: None
Stores the current Task Register to the specified operand.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 2 2 2 3
mem16 - 3 2 3 5
Usage: SUB dest,src
Modifies flags: AF CF OF PF SF ZF
The source is subtracted from the destination and the result is
stored in the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 6 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 7 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=25+EA)
accum,immed 4 3 2 1 2-3
T
Usage: TEST dest,src
Modifies flags: CF OF PF SF ZF (AF undefined)
Performs a logical AND of the two operands updating the flags
register without saving the result.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 1 1 2
reg,mem 9+EA 6 5 1 2-4 (W88=13+EA)
mem,reg 9+EA 6 5 2 2-4 (W88=13+EA)
reg,immed 5 3 2 1 3-4
mem,immed 11+EA 6 5 2 3-6
accum,immed 4 3 2 1 2-3
V
VERR - Verify Read (286+ protected)
Usage: VERR src
Modifies flags: ZF
Verifies the specified segment selector is valid and is readable
at the current privilege level. If the segment is readable,
the Zero Flag is set, otherwise it is cleared.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 14 10 11 3
mem16 - 16 11 11 5
VERW - Verify Write (286+ protected)
Usage: VERW src
Modifies flags: ZF
Verifies the specified segment selector is valid and is ratable
at the current privilege level. If the segment is writable,
the Zero Flag is set, otherwise it is cleared.
Clocks Size
Operands 808x 286 386 486 Bytes
reg16 - 14 15 11 3
mem16 - 16 16 11 5
W
Usage: WAIT
FWAIT
Modifies flags: None
CPU enters wait state until the coprocessor signals it has finished
its operation. This instruction is used to prevent the CPU from
accessing memory that may be temporarily in use by the coprocessor.
WAIT and FWAIT are identical.
Clocks Size
Operands 808x 286 386 486 Bytes
none 4 3 6+ 1-3 1
WBINVD - Write-Back and Invalidate Cache (486+)
Usage: WBINVD
Modifies flags: None
Flushes internal cache, then signals the external cache to write
back current data followed by a signal to flush the external cache.
Clocks Size
Operands 808x 286 386 486 Bytes
none - - - 5 2
X
Usage: XCHG dest,src
Modifies flags: None
Exchanges contents of source and destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 4 3 3 3 2
mem,reg 17+EA 5 5 5 2-4 (W88=25+EA)
reg,mem 17+EA 5 5 3 2-4 (W88=25+EA)
accum,reg 3 3 3 3 1
reg,accum 3 3 3 3 1
Usage: XLAT translation-table
XLATB (masm 5.x)
Modifies flags: None
Replaces the byte in AL with byte from a user table addressed by
BX. The original value of AL is the index into the translate table.
The best way to discripe this is MOV AL,[BX+AL]
Clocks Size
Operands 808x 286 386 486 Bytes
table offset 11 5 5 4 1
Usage: XOR dest,src
Modifies flags: CF OF PF SF ZF (AF undefined)
Performs a bitwise exclusive OR of the operands and returns
the result in the destination.
Clocks Size
Operands 808x 286 386 486 Bytes
reg,reg 3 2 2 1 2
mem,reg 16+EA 7 6 3 2-4 (W88=24+EA)
reg,mem 9+EA 7 7 2 2-4 (W88=13+EA)
reg,immed 4 3 2 1 3-4
mem,immed 17+EA 7 7 3 3-6 (W88=25+EA)
accum,immed 4 3 2 1 2-3